fortra / impacket

Impacket is a collection of Python classes for working with network protocols.
https://www.coresecurity.com

GetADComputers.py and readLAPS.py #1673

Closed F-Masood closed 4 months ago

F-Masood commented 6 months ago

I am a big fan of impacket, and whenever I start my enumeration phase, impacket is the first tool I use. I rely heavily on impacket's GetADUsers code, but I felt that we should have similar code that fetches the information about computers. As a result, I have created similar code (GetADComputers.py) that queries the DC via LDAP and returns the COMPUTER objects and useful attributes such as full DNS name, operating system name and version.

Why the need for this? Often during a pentest we land in a network/subnet where we can't see all the hosts/computers that are part of the DC because we are in a different network / VLAN. However, this code will query the DC and, as a result, list all the hosts that are not visible in an NMAP / ping / ARP scan in a nice format.

F-Masood commented 6 months ago

Adding a couple of examples.

F-Masood commented 5 months ago

Updated the code; it can now resolve the IP address. It makes a query to the DC on port 53 (TCP) and doesn't rely on the nameserver present in /etc/resolv.conf.


F-Masood commented 5 months ago

After creating GetADComputers.py, I have created another script called readLAPS.py; this tries to read all the LAPS passwords from the current domain computers.

anadrianmanrique commented 4 months ago

I've been reviewing and testing this PR. I think it's pretty much ready to be merged. Thanks for submitting!
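
The thread above mentions resolving host names by querying the DC on TCP port 53 instead of the nameserver in /etc/resolv.conf. The following is an added example of that lookup using only the standard library; it is not the PR's code, and the function names, the `ws01.corp.example` host and the sample response bytes are constructed for illustration.

```python
import socket, struct

def build_query(name, txid=0x1234):
    """A/IN query for `name` with the 2-byte length prefix DNS-over-TCP requires."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    msg = header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    return struct.pack("!H", len(msg)) + msg

def skip_name(msg, off):
    """Offset just past the name at `off`; a compression pointer ends the name."""
    while msg[off] & 0xC0 != 0xC0 and msg[off] != 0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def parse_a_records(framed, txid=0x1234):
    """IPv4 addresses from a TCP-framed response; [] on a non-zero RCODE."""
    if len(framed) < 14 or len(framed) - 2 != struct.unpack("!H", framed[:2])[0]:
        raise ValueError("truncated or mis-framed DNS message")
    msg = framed[2:]
    rid, flags, qd, an = struct.unpack("!HHHH", msg[:8])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    if flags & 0x000F:
        return []  # e.g. NXDOMAIN
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):  # A record, class IN
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs

def resolve_via(server_ip, name, timeout=3.0):
    """Ask `server_ip` directly over TCP/53, bypassing /etc/resolv.conf."""
    with socket.create_connection((server_ip, 53), timeout=timeout) as s, s.makefile("rb") as f:
        s.sendall(build_query(name))
        prefix = f.read(2)
        return parse_a_records(prefix + f.read(int.from_bytes(prefix, "big")))

# Constructed sample: response for ws01.corp.example -> 10.0.5.23 (not real data)
_body = (struct.pack("!HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0) + build_query("ws01.corp.example")[14:]
         + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([10, 0, 5, 23]))
SAMPLE_RESPONSE = struct.pack("!H", len(_body)) + _body
```

`parse_a_records(SAMPLE_RESPONSE)` exercises the parser offline; `resolve_via` needs a reachable DNS server that accepts TCP queries.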